{"type":"rich","version":"1.0","provider_name":"phorkie","provider_url":"https:\/\/p.cweiske.de\/","title":"bcrypt libc linux","author_name":"Christian Weiske","cache_age":86400,"width":900,"height":900,"html":"<!-- embedding all files of https:\/\/p.cweiske.de\/599 -->\n<link rel=\"stylesheet\" href=\"https:\/\/p.cweiske.de\/css\/embed.css\"\/>\n<div class=\"phork\" id=\"599\">\n    <div class=\"phork-file\">\n <div class=\"phork-content\">\n  \n<div class=\"document\">\n\n\n<p>brcypt is not available in libc's crypt() method on Debian 9. I would like to have used it for dovecot password storage (<a class=\"reference external\" href=\"https:\/\/wiki2.dovecot.org\/Authentication\/PasswordSchemes\">https:\/\/wiki2.dovecot.org\/Authentication\/PasswordSchemes<\/a>).<\/p>\n<p>Reasons:<\/p>\n<ul class=\"simple\">\n<li>Debian does not want to differ from upstream glibc (<a class=\"reference external\" href=\"https:\/\/bugs.debian.org\/cgi-bin\/bugreport.cgi?bug=149452\">https:\/\/bugs.debian.org\/cgi-bin\/bugreport.cgi?bug=149452<\/a>)<\/li>\n<li>glibc does not want to include it because it is not on the list of NIST-recommended algorithms<ul>\n<li><a class=\"reference external\" href=\"https:\/\/sourceware.org\/bugzilla\/show_bug.cgi?id=2100\">https:\/\/sourceware.org\/bugzilla\/show_bug.cgi?id=2100<\/a><\/li>\n<li><a class=\"reference external\" href=\"https:\/\/akkadia.org\/drepper\/sha-crypt.html\">https:\/\/akkadia.org\/drepper\/sha-crypt.html<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>We shall use SHA-512 instead.<\/p>\n<\/div>\n\n <\/div>\n <div class=\"phork-meta\">\n  <a href=\"https:\/\/p.cweiske.de\/599\/rev-raw\/fcef8e8f3c9b82cb6830a31fec0504bab2a7fe77\/README.rst\" style=\"float: right\">view raw source<\/a>\n  <a href=\"https:\/\/p.cweiske.de\/599#README.rst\">README.rst<\/a>\n <\/div>\n<\/div>\n<\/div>\n"}